jackrabbit-users mailing list archives

hi nick
from what i see in your web.xml you have the missing-auth-mapping
set to <param-value>anonymous:anonymous</param-value>.
you are never be prompted for authentication, right?
so, you always get a session for the anonymous user when
requesting through the webdav server.
and i would assume, that the anonymous user does not have
write permission.
if this is the reason for you problem, i would suggest, that
you either omit the missing-auth-mapping parameter or set
the param-value to define the userId/password of a user that
has write permission.
hope that helps
angela
nick_stolwijk@planet.nl wrote:
> In our application we have Jackrabbit 1.3.1. We try to get write rights through webdav,
but can't get it right. In our repository.xml we have the following security section:
>
> <Security appName="Jackrabbit">
> <!--
> access manager:
> class: FQN of class implementing the AccessManager interface
> -->
> <AccessManager
> class="org.apache.jackrabbit.core.security.SimpleAccessManager">
> <!-- <param name="config" value="${rep.home}/access.xml"/> -->
> </AccessManager>
>
> <LoginModule
> class="org.apache.jackrabbit.core.security.SimpleLoginModule">
> <!-- anonymous user name ('anonymous' is the default value) -->
> <param name="anonymousId" value="anonymous" />
> <!--
> default user name to be used instead of the anonymous user
> when no login credentials are provided (unset by default)
> -->
> <!-- <param name="defaultUserId" value="superuser"/> -->
> </LoginModule>
> </Security>
>
> And our web.xml is also configured:
> <servlet>
> <servlet-name>Webdav</servlet-name>
> <description>The webdav servlet that connects HTTP request to the repository.</description>
> <servlet-class>nl.ourcompany.servlet.SimpleWebdavServlet</servlet-class>
>
> <init-param>
> <param-name>resource-path-prefix</param-name>
> <param-value>/repository</param-value>
> <description>defines the prefix for spooling resources out of the repository.</description>
> </init-param>
>
> <init-param>
> <param-name>missing-auth-mapping</param-name>
> <param-value>anonymous:anonymous</param-value>
> <description>
> Defines how a missing authorization header should be handled. 1) If this
init-param is missing, a 401 response is generated. This is suiteable for clients (eg.
> webdav clients) for which sending a proper authorization header is not
possible if the server never sent a 401. 2) If this init-param is present with an empty
> value, null-credentials are returned, thus forcing an null login on the
repository. 3) If this init-param has a 'user:password' value, the respective simple
> credentials are generated.
> </description>
> </init-param>
>
> <!--
> Optional parameter to define the value of the 'WWW-Authenticate' header
> -->
> <!--
> <init-param>
> <param-name>authenticate-header</param-name>
> <param-value>Basic realm="Jackrabbit Webdav Server"</param-value>
> <description>
> Defines the value of the 'WWW-Authenticate' header.
> </description>
> </init-param>
> -->
> <!--
> Parameter used to configure behaviour of webdav resources such as:
> - destinction between collections and non-collections
> - resource filtering
> -->
> <init-param>
> <param-name>resource-config</param-name>
> <param-value>/WEB-INF/jcr-webdav-config.xml</param-value>
> <description>Defines various dav-resource configuration parameters.</description>
> </init-param>
> <load-on-startup>4</load-on-startup>
> </servlet>
>
> Where the servlet-class is a straight copy of the Jackrabbit class.
>
> With this configuration we are able to list the files in a WebDAV browser (like Konquerer),
for example on webdav://localhost/context/repository/default. Also, when we try to log on
with system (webdav://system@localhost/context/repository/default) we get the listing, but
we are not allowed to do any file modification (move, delete, create, adjust).
>
> In earlier versions of Jackrabbit we were allowed to do file modifications. Is this changed
somehow? And how can we change files through webdav at the moment?
>
> With regards,
>
> Nick Stolwijk
>